[git commit] start_stop_daemon: set complementary group ids too. Closes 3253

Denys Vlasenko vda.linux at googlemail.com
Thu Sep 15 16:27:05 UTC 2011


commit: http://git.busybox.net/busybox/commit/?id=585541e8e338a85b9f18cf5f6ed88758b29e61f2
branch: http://git.busybox.net/busybox/commit/?id=refs/heads/master

Signed-off-by: Denys Vlasenko <vda.linux at googlemail.com>
---
 debianutils/start_stop_daemon.c |   12 ++++++++++--
 networking/inetd.c              |    2 +-
 2 files changed, 11 insertions(+), 3 deletions(-)

diff --git a/debianutils/start_stop_daemon.c b/debianutils/start_stop_daemon.c
index bc61959..02609c0 100644
--- a/debianutils/start_stop_daemon.c
+++ b/debianutils/start_stop_daemon.c
@@ -502,8 +502,16 @@ int start_stop_daemon_main(int argc UNUSED_PARAM, char **argv)
 	if (opt & OPT_c) {
 		struct bb_uidgid_t ugid = { -1, -1 };
 		parse_chown_usergroup_or_die(&ugid, chuid);
-		if (ugid.gid != (gid_t) -1) xsetgid(ugid.gid);
-		if (ugid.uid != (uid_t) -1) xsetuid(ugid.uid);
+		if (ugid.uid != (uid_t) -1) {
+			struct passwd *pw = xgetpwuid(ugid.uid);
+			if (ugid.gid != (gid_t) -1)
+				pw->pw_gid = ugid.gid;
+			/* initgroups, setgid, setuid: */
+			change_identity(pw);
+		} else if (ugid.gid != (gid_t) -1) {
+			xsetgid(ugid.gid);
+			setgroups(1, &ugid.gid);
+		}
 	}
 #if ENABLE_FEATURE_START_STOP_DAEMON_FANCY
 	if (opt & OPT_NICELEVEL) {
diff --git a/networking/inetd.c b/networking/inetd.c
index fc6847b..26b6699 100644
--- a/networking/inetd.c
+++ b/networking/inetd.c
@@ -1414,7 +1414,7 @@ int inetd_main(int argc UNUSED_PARAM, char **argv)
 				bb_error_msg("non-root must run services as himself");
 				goto do_exit1;
 			}
-			if (pwd->pw_uid) {
+			if (pwd->pw_uid != 0) {
 				if (sep->se_group)
 					pwd->pw_gid = grp->gr_gid;
 				/* initgroups, setgid, setuid: */
-- 
1.7.3.4



More information about the busybox-cvs mailing list